Recent reports underscore the importance of monitoring a company's social media presence. To ensure proper board oversight of social media compliance, counsel should understand and fully communicate to the board the risks associated with the company's social media presence and the measures in place to comply with relevant social media policies.
According to a recent survey in Corporate Board Member Magazine:
(NYSE Governance Services, Corporate Board Member Magazine, 2nd Quarter 2015.)
Further, a recent study by NextGate on social media compliance by Fortune 100 companies found an average of over 320 company-branded social media accounts with over 1,500 employee participants (NextGate, State of Social Media Infrastructure Part III: A Compliance Analysis Fortune 100 Social Media Infrastructure, 2015). Given the large number of employee participants, oversight can be difficult, and there is a significant risk that employees on social media will, without authorization, appear to be speaking on behalf of the company, including by posting sensitive information.
To protect against social media risks, counsel may want to discuss with the company's board whether to implement the following measures:
For a detailed discussion of social media issues under securities and disclosure laws, see http://us.practicallaw.com/6-523-5948.
For sample company social media guidelines, http://us.practicallaw.com/0-523-4937.
Companies should confirm that their policies establish appropriate and well-documented ownership roles and responsibilities and control protocols to narrow the scope of securities fraud liability for their officers and employees, in light of a recent Seventh Circuit decision.
In Glickenhaus & Co. v. Household International, Inc., the plaintiffs filed a securities fraud class action under Rule 10b-5 under the Exchange Act against a mortgage lender and three of its top executives for making false and misleading statements that inflated the company's share price.
Previously, the U.S. Supreme Court held in Janus Capital Group v. First Derivative Traders, that the only proper defendant under Rule 10b-5 is the “maker” of a statement, meaning the person or entity with ultimate authority over the statement.
In Glickenhaus, the district court held that Janus applied only to legally independent third parties, not to corporate insiders like the executives. The Seventh Circuit reversed and remanded, determining in relevant part that the Supreme Court's interpretation of Rule 10b-5 in Janus applied generally, not just to corporate outsiders. Therefore, under Glickenhaus, a corporate insider who merely prepares or publishes a statement on behalf of another is not its maker and cannot be held liable for Rule 10b-5 fraud claims arising out of that statement.
For more information on this decision, see http://us.practicallaw.com/9-614-2046.
In light of expanded enforcement efforts by two online advertising self-regulatory organizations, companies that engage in online interest-based advertising (IBA) should review and update their privacy policies and practices.
The Network Advertising Initiative (NAI) issued Guidance for NAI Members: Use of Non-Cookie Technologies for Interest-Based Advertising Consistent with the NAI Code of Conduct (Guidance), which became effective May 18, 2015. NAI staff will enforce compliance with the Guidance following an implementation period. The Guidance establishes best practices for NAI members' use of digital fingerprinting and other new data collection technologies for IBA, including through advertising and media service providers.
The Digital Advertising Alliance announced that on September 1, 2015 it will begin enforcing its existing Self-Regulatory Principles for Online Behavioral Advertising and Self-Regulatory Principles for Multi-Site Data (together, Principles) in the mobile website and app environment. The Principles include specific obligations on consumer notice, transparency and control, and apply to all companies engaged in IBA.
Companies that collect and use data online for IBA, either directly or through advertising and media service providers, should assess their compliance with the Guidance and the Principles. Appropriate steps may include:
For more information on privacy and data security law, see Practice Note: Overview, US Privacy and Data Security Law: Overview.
This look at the major issues on the horizon for corporate counsel comes from Practical Law – an online legal know-how service. View all the looming issues now – compliments of Practical Law The Journal, which covers the latest transactional and compliance topics that impact your practice. To gain access to more related know-how resources, please visit us.practicallaw.com.